These messages were captured from Telenet PC-Pursuit NET-EXCHANGE BBS...
------------------------------------------------------------------------
Msg # 6028 Dated 02-27-88 21:48:34
From: MICHAEL MURRAY
To: ALL
Re: LOOKS LIKE A HACKER
I've encountered a certain situation twice in the past week that leaves
me with a few questions. Upon connecting to my Telenet indial node, in
between attempts to connect to either a Telenet service or outdial
modem, I've gotten the following message:
CONNECTION FROM 301 18A
The first time this happened, whoever was on the other end began typing
several obscenities. Tonight when this happened, the person attempted
to generate a false "@" prompt. Whoever was doing this was trying to
lure me into typing in my PCP acct and password. Sure enough, when I fed
the prompt a made-up acct, hit return...I got back what I know was a
misleading prompt.
I don't think my acct/pw got to him/her, but it scares me that someone
can make such a connection. I called up the Telenet service number to
report this, but all I was told is that nothing can be done except to
change the password, at MY expense. Anybody else have this happen to
them?
Mike
------------------------------------------------------------------------
Msg # 6057 Dated 02-28-88 09:47:49
From: IMA HACKER-
To: ALL
Re: IMPORTANT
The *PCP HACKERS* are working to show PCP what we think of their awful
service and policies. We have been STEALING PCP IDs and PWs and using
them. We can HACK into TELENET and connect to your indial modem without
you even knowing it. Then we watch you hammer at a distant modem with
those dialing scripts and it fills our screen with your pw and id. You
don't see your pw but *WE DO* and we have hundreds of PCP IDs and PWs.
Your TELENET *CONTRACT* makes YOU responsible for all charges to your
ID, and PCP just sent out bills from back in September! We want more
outdial modems and less BUSY. We want responsive Customer Service. We
want a realistic CONTRACT, 300 and 2400 baud. SCREW PCP until then!!!
------------------------------------------------------------------------
Msg # 6062 Dated 02-28-88 12:59:42
From: TONY WADDELL
To: IMA HACKER-
Re: (R)IMPORTANT
I don't know if message #6057 is for real or not ( I find some of the
claims hard to believe ), but perhaps PC-Pursuit should make it just a
little easier for users to change their passwords. I understand it's
quite a nose bleed to get one changed.
------------------------------------------------------------------------
Msg # 6072 Dated 02-27-88 15:45:04
From: LEE RIMAR
To: TOM WADDELL
Re: PASSWORD CHANGES
TW> I don't know if message #6057 is for real or not (I find some of
TW> the claims hard to believe) . . .
(regarding a message on "hacking" PC-Pursuit)
.
I just called Customer Service and expressed concern about it.
Unfortunately, they say it's entirely possible. And that they're
working on the problem.
.
TW> Perhaps PC-Pursuit should make it just a little easier for users
TW> to change their passwords. I understand it's quite a nose bleed
TW> to get one changed.
.
That was not my experience. I changed mine last Monday. Took
less than 10 minutes on the phone (the 1-800-TELENET number), and
the new id/password was in effect immediately.
.LDR
------------------------------------------------------------------------
Msg # 6073 Dated 02-27-88 15:46:13
From: LEE RIMAR
To: IMA HACKER
Re: YOUR INTENTIONS
You claim your aim is to get better customer service from Telenet,
more modems, et al. Has it ever occured to you that your "screw the
system" attitude may be causing more trouble than it solves? Screwing
up Telenet's ability to provide service seems unlikely to result in
better service.
That's always struck me as an argument against violent revolts;
from socialist to anarchist. Patterned after my comment above:
Blowing up a rich man's house does not put a roof over a poor man's
head. See you in the Issues area if you care to debate it.
.LDR
------------------------------------------------------------------------
Msg # 6074 Dated 02-27-88 16:04:02
From: JAMES NORTH
To: ALL
Re: ID PASSWORD SNACTCHING
If password pirates are able to steal PC Pursuit ids and passwords,then
it is possible for them to steal the ids and passwords of business
users that use the Telenet network. Such stolen ids and passwords would
enable such pirates to make illegal international data calls at someone
else's expense. THE ENTIRE TELENET PACKET SWITCHING NETWORK MAY BE IN
DANGER! If this is true, hopefully there is someway that Telenet can
correct this security problem. We could see the termination of the PC
Pursuit service because of this!
------------------------------------------------------------------------
Msg # 6076 Dated 02-27-88 16:21:29
From: BOB FREED
To: TONY WADDELL
Re: (R)IMPORTANT
Re: 6057, 6062
It's for real. I've gotten a new user id and two new passwords in the
past two weeks because of this situation. It's not true that these
jokers can intercept your session completely undetected, though. If
you see a message such as "CONNECTION FROM xxx yyy", disconnect
immediately or contact customer service on a second line.
------------------------------------------------------------------------
Msg # 6077 Dated 02-27-88 16:28:08
From: BOB FREED
To: IMA HACKER-
Re: (R)IMPORTANT
Re: 6057
As I see it, the only thing you're accomplishing is to destroy this
system completely. I'm sure we won't see any of the things you
mentioned (more outdial modems, less BUSY, responsive service, better
contract, 300 and 2400 bps) any sooner if Telenet has to spend
considerable time and effort plugging leaks in their security. In fact,
we may never see them at all. Here's hoping they catch you soon....
------------------------------------------------------------------------